Jens Müller

**Nome do software vulnerável e versões afetadas** Versões do iOS anteriores à 15.2 Versões do iPadOS anteriores à 15.2 **Descrição** Existia uma falha no S/MIME no tratamento de e-mails criptografados, permitindo que um invasor pudesse recuperar o conteúdo em texto simples de um e-mail criptografado por S/MIME. Essa falha foi corrigida com a exclusão do carregamento automático de algumas partes MIME. **Recomendações** Para versões do iOS anteriores à 15.2, atualize para o iOS 15.2 ou posterior para resolver o problema. Para versões do iPadOS anteriores à 15.2, atualize para o iPadOS 15.2 ou posterior para resolver o problema.

**Nome do software vulnerável e versões afetadas** Plataformas HTML do Windows (versões afetadas não especificadas) **Descrição** O problema está relacionado a erros no gerenciamento de privilégios dentro do componente Plataforma HTML do Windows do sistema operacional Windows. Isso pode permitir que um invasor remoto contorne as restrições de segurança existentes. **Recomendações** No momento, não há informações sobre uma versão mais recente que contenha uma correção para essa vulnerabilidade.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.15 **Description** An issue existed in the handling of links in encrypted PDFs, which could allow an attacker to exfiltrate the contents of an encrypted PDF. This issue was addressed by adding a confirmation prompt. **Recommendations** For versions prior to 10.15, update to macOS Catalina 10.15 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 60.9 Thunderbird versions prior to 68.1 **Description** The issue is related to the Secure/Multipurpose Internet Mail Extensions (S/MIME) functionality in the Thunderbird email client, specifically concerning the lack of protection for certain data. This could allow a remote attacker to gain unauthorized access to protected information. Additionally, it is noted that encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in an HTML reply or forward. **Recommendations** For versions prior to 60.9, update to version 60.9 or later. For versions prior to 68.1, update to version 68.1 or later.

**Name of the Vulnerable Software and Affected Versions** Enigmail versions prior to 2.1 **Description** The issue allows an attacker with PGP encrypted emails to craft a multipart email that can hide the encrypted parts using HTML/CSS or ASCII newline characters. When the receiver replies to this email, they may unknowingly leak the plaintext of the encrypted message back to the attacker. This attack bypasses protection mechanisms implemented after previous attacks. **Recommendations** For Enigmail versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider avoiding replies to suspicious or unfamiliar emails to minimize the risk of exploitation. Restrict access to sensitive information when using Enigmail until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Enigmail versions prior to 2.0.11 **Description** The issue allows PGP signature spoofing. For an inline PGP message, an attacker can cause the product to display a "correctly signed" message indication, but display different unauthenticated text. **Recommendations** For versions prior to 2.0.11, update to version 2.0.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.9 **Description** The issue is related to the decryption of S/MIME parts in HTML messages, which can lead to plaintext leakage when included in a reply or forward. This is due to a lack of protection for certain data in the S/MIME and PGP functions of the Thunderbird email client. An attacker can exploit this issue by manipulating HTML messages to gain unauthorized access to protected information. **Recommendations** For versions prior to 52.9, update to version 52.9 or later to resolve the issue. As a temporary workaround, consider avoiding the use of HTML replies or forwards for sensitive messages until the update is applied. Restrict access to sensitive information when using the affected Thunderbird versions to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.9 **Description** The issue is related to the Secure/Multipurpose Internet Mail Extensions (S/MIME) function in the Thunderbird email client, which lacks protection for certain data. This can allow a remote attacker to gain unauthorized access to protected information when an email is forwarded or replied to. Specifically, decrypted S/MIME parts that are hidden using CSS or the plaintext HTML tag can leak plaintext when included in an HTML reply or forward. **Recommendations** For versions prior to 52.9, update to version 52.9 or later to resolve the issue. As a temporary workaround, consider avoiding the use of HTML replies or forwards for emails containing sensitive S/MIME-protected information until the update is applied.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.4 macOS versions prior to 10.13.5 **Description** The issue involves the Mail component and allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration. **Recommendations** For iOS versions prior to 11.4, update to version 11.4 or later. For macOS versions prior to 10.13.5, update to version 10.13.5 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.4 macOS versions prior to 10.13.5 **Description** The issue involves the Security component and allows websites to track users by leveraging the transmission of S/MIME client certificates. **Recommendations** For iOS versions prior to 11.4, update to version 11.4 or later. For macOS versions prior to 10.13.5, update to version 10.13.5 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird ESR versions prior to 52.8 Thunderbird versions prior to 52.8 **Description** The issue is related to the implementation of the S/MIME protocol in the Thunderbird email client, which is associated with insufficiently robust data encryption. This can lead to the disclosure of plaintext when using remote content in encrypted messages. Exploitation of the issue may allow a remote attacker to gain unauthorized access to protected information. **Recommendations** For Thunderbird ESR versions prior to 52.8, update to version 52.8 or later. For Thunderbird versions prior to 52.8, update to version 52.8 or later.

**Name of the Vulnerable Software and Affected Versions** Thunderbird versions prior to 52.8 Thunderbird ESR versions prior to 52.8 **Description** The issue is related to information disclosure. It allows a remote attacker to gain unauthorized access to protected information through the `src` attribute of remote images or links. This could lead to the leakage of plaintext from decrypted emails. **Recommendations** For Thunderbird versions prior to 52.8, update to version 52.8 or later. For Thunderbird ESR versions prior to 52.8, update to version 52.8 or later. As a temporary workaround, consider restricting access to remote images or links in emails until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Thunderbird ESR versions prior to 52.8 Thunderbird versions prior to 52.8 **Description** The issue is related to the handling of encrypted emails in Thunderbird, where plaintext of decrypted emails can leak when a user submits an embedded form. This is due to a lack of encryption measures for protected data. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. **Recommendations** For Thunderbird ESR versions prior to 52.8, update to version 52.8 or later to resolve the issue. For Thunderbird versions prior to 52.8, update to version 52.8 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Outlook (affected versions not specified) Microsoft Word (affected versions not specified) Microsoft Office (affected versions not specified) **Description** An information disclosure issue exists when a message is opened in Outlook, potentially resulting in the disclosure of sensitive information to a malicious site. **Recommendations** For Microsoft Outlook, consider implementing additional security measures to protect sensitive information when opening messages. For Microsoft Word, restrict access to potentially malicious documents until a fix is available. For Microsoft Office, apply configuration changes to minimize the risk of information disclosure when using Outlook to open messages. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.13.4 **Description** The issue involves the `Mail` component and allows man-in-the-middle attackers to read S/MIME encrypted message content. This is achieved by sending HTML e-mail that references remote resources but lacks a valid S/MIME signature. **Recommendations** For macOS versions prior to 10.13.4, update to version 10.13.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Enigmail versions prior to 1.9.9 **Description** An issue in Enigmail allows signature spoofing because the UI does not properly distinguish between an attachment signature and a signature that applies to the entire containing message. This can be demonstrated by an e-mail message with an attachment that is a signed e-mail message in message/rfc822 format. **Recommendations** For versions prior to 1.9.9, update to version 1.9.9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Enigmail versions prior to 1.9.9 **Description** An issue in Enigmail allows signature spoofing for multipart/related messages. This occurs because a signed message part can be referenced with a cid: URI but not actually displayed, making the entire containing message appear signed when it is not. The recipient does not see any of the signed text, potentially leading to misleading information about the message's authenticity. **Recommendations** For versions prior to 1.9.9, update to version 1.9.9 or later to resolve the issue. As a temporary workaround, consider verifying the authenticity of messages through alternative means until the update can be applied.